4046891ad81719fd02124ca0a35c41adc20bdd5de99169f288590e3bafb31b96 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4046891ad81719fd02124ca0a35c41adc20bdd5de99169f288590e3bafb31b96
Size

834KB
MD5

43ae6a37501c3e69c35c38f0050d3ea8
SHA1

e32b0a22d4f961dfc546e572aef1f640edf171fe
SHA256

4046891ad81719fd02124ca0a35c41adc20bdd5de99169f288590e3bafb31b96
SHA512

53cf1bc5940ddb4c07c40d04fda5f9e9bf4e118d2ef6186e1acf81c38673628ccbc97c1db47da1dd5de633d34e2f5f8cc9d5da0701bf0dccfb5f280edd00b346
SSDEEP

24576:T/5JzX2fzggf9/Tdxi06+lhyq3ldxWL5pjCMUdFCkKZ:7z2fzT9/TKJ+pLxwpjCMCG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4046891ad81719fd02124ca0a35c41adc20bdd5de99169f288590e3bafb31b96

Files

4046891ad81719fd02124ca0a35c41adc20bdd5de99169f288590e3bafb31b96
.exe windows x86

84779ff278daf81c4e074241a60d4867

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

imm32

ImmSetConversionStatus

winspool.drv

OpenPrinterA

comdlg32

PrintDlgA

Sections

CODE
Size: 788KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE